Question in login script

zone8567 · #1 (**permalink**) May 23rd, 2008, 08:03 AM

Hi, I am currently working on a project on asp login. Login.asp seems okie since i am able to login the. After i login, it should link to default.asp, which is supposed to display the profile of the user from a database. However, default.asp did load but nothing appear on the webpage. There is also no error msg at all. I will include the script for login.asp and default.asp below. Please feel free to comment. Thanks a lot!

---------------------------------------------------------------- login.asp --------------------------------------------------------------------------

<HTML>
<style type="text/css">

</style>
<BODY>

      <div align="center">
        <p> </p>
        <p>
      <%
  Response.Expires = 0

   If Request.Form("cmdLogin") <> "" Then
    Dim strUsername
  Dim strPassword
  Dim Con
  Dim rsQuery

  strUsername = Replace(Request.Form("txtUsername"),"'","''")
  strPassword = Request.Form("txtPassword")

  Set Con = Server.CreateObject("ADODB.Connection")
  Set rsQuery = Server.CreateObject("ADODB.Recordset")

  dbname="www.mdb"
  cnpath="DBQ=" & server.mappath(dbname)
  Con.Open "DRIVER={Microsoft Access Driver (*.mdb)}; " & cnpath

  Set rsQuery = Con.Execute("SELECT Password,Username FROM UserDB WHERE Username='" & strUsername & "'")
  If rsQuery.EOF Then
   Response.Write "Username not found."
   %>
            <br>
            <br>
            <%
   Response.Write("<a href=Login.asp>Login again</a>")
  Else
   If strPassword = rsQuery("Password").Value Then
    'set sessions
    Session("Username") = "[" & rsQuery("Username").Value & "]"

    'Cookie code
    Response.Cookies("NEVERGUESSUsername")=rsQuery("Us ername").Value
    Response.Cookies("NEVERGUESSUsername").Expires=Now () + 10
    Response.Cookies("NEVERGUESSPassword")=rsQuery("Pa ssword").Value
    Response.Cookies("NEVERGUESSPassword").Expires=Now () + 10

    Response.Redirect "Default.asp"
   Else
    Response.Write "Invalid Password."
    %>
             <br>
             <br>
             <%
    Response.Write("<a href=Login.asp>Login again</a>")
   End If
  End If
   Else
%>
      <span class="style1">Welcome to RFIC Profile Database</span></p>
        <p> </p>
      </div>
<form name="form1" method="post" action="Login.asp">
<TABLE BORDER=0 align="center">
       <TR>
            <TD>Username</TD>
          <TD><INPUT TYPE="TEXT" NAME="txtUsername"> </TD>
       </TR>
       <TR>
            <TD bgcolor="#FFFFFF">Password</TD>
         <TD><INPUT TYPE="PASSWORD" NAME="txtPassword" > </TD>
       </TR>
     </TABLE>
     <br>
  <CENTER>
    <input name="cmdlogin" type="submit" id="submit" value="Login" >
    <input type="reset" name="cmdReset" value="Reset" >
  </CENTER>
</form>
<%
   End If
%>

</BODY>
</HTML>

---------------------------------------------------------------- default.asp --------------------------------------------------------------------------

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HEAD>
     <TITLE>login.1.asp</TITLE>
     <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</HEAD>
<html>
<body>
<%

Response.Expires=0

Dim Con
Dim rsQuery
Dim strAction
DIm strSubmit
Dim intID
DIm strName
Dim strMessage

Set Con = Server.CreateObject("ADODB.Connection")
Set rsQuery = Server.CreateObject("ADODB.Recordset")
strAction = Request.QueryString("Action")
strSubmit = Request.Form("Submit")

dbname="www.mdb"
cnpath="DBQ=" & server.mappath(dbname)
Con.Open "DRIVER={Microsoft Access Driver (*.mdb)}; " & cnpath

If Session("Username") = "" Then
  If Request.Cookies("NEVERGUESSUsername") <> "" Then
   Set rsQuery = Con.Execute("SELECT Password,Username FROM UserDB WHERE Username='" & Request.Cookies("NEVERGUESSUsername") & "'")
   If NOT rsQuery.EOF Then
    If Request.Cookies("NEVERGUESSPassword") = rsQuery("Password").Value Then
     Session("Username") = "[" & rsQuery("Username").Value & "]"
     Application("Users" & Session("Start")) = Session("Username")
    End If
   End If
  End If
end if

intID = Request.QueryString("ID")
If intID = "" Then intID = 0
If strSubmit = "" Then strSubmit = " "
If strAction = "" Then strAction = " "

Set rsQuery = Con.Execute ("SELECT * FROM UserDB WHERE ID=" & intID)
If not rsQuery.EOF then
%>
<table width="1224" border="1">
  <tr>
    <td width="176">Name</td>
    <td width="966"><%Response.write rsQuery("Name")%></td>
  </tr>
  <tr>
    <td>Job Title</td>
    <td><%Response.write rsQuery("Job")%></td>
  </tr>
  <tr>
    <td>Department</td>
    <td><%Response.write rsQuery("Department")%></td>
  </tr>
  <tr>
    <td>Phone Number</td>
    <td><%Response.write rsQuery("Phone")%></td>
  </tr>
  <tr>
    <td>Fax Number</td>
    <td><%Response.write rsQuery("Fax")%></td>
  </tr>
  <tr>
    <td>Office</td>
    <td><%Response.write rsQuery("Office")%></td>
  </tr>
  <tr>
    <td>Email</td>
    <td><%Response.write rsQuery("Email")%></td>
  </tr>
  <tr>
    <td>Biography</td>
    <td><%Response.write rsQuery("Biography")%></td>
  </tr>
  <tr>
    <td>RF IC Work in NTU</td>
    <td><%Response.write rsQuery("RFIC")%></td>
  </tr>
  <tr>
    <td>Research Interest</td>
    <td><%Response.write rsQuery("Interest")%></td>
  </tr>
  <tr>
    <td>Selected Projects</td>
    <td><%Response.write rsQuery("Project")%></td>
  </tr>
  <tr>
    <td>Major Research Accomplishment</td>
    <td><%Response.write rsQuery("Accomplishment")%></td>
  </tr>
</table>
<%
End if
%>
</body>
</html>

mat41 · #2 (**permalink**) May 25th, 2008, 06:57 PM

TIP - Very broad question. You should be more specific and post only problematcic code for the best results here. People who give thier time here want to see you have done your best to help yourself.

Without going through all your code I assume rsQuery is an empty record set. Have you written your query:

et rsQuery = Con.Execute ("SELECT * FROM UserDB WHERE ID=" & intID)

to the browser and run it directoy to see f your have results?

Wind is your friend
Matt
www.elitemarquees.com.au

Need to download code?

Navigation